One in five UK companies has had potentially sensitive corporate data exposed via employee use of generative AI (GenAI), a new report has revealed. London-headquartered cybersecurity services provider RiverSafe polled 250 CISOs nationwide to compile its new report, Underfunded and Under Reported: Threats, Breaches, and Budgets. The data leak risks of unmanaged GenAI use help […]
The cybersecurity landscape has witnessed a new, sophisticated threat in the form of ApateWeb, a large-scale scareware and Potentially Unwanted Programs (PUPs) delivery campaign. Uncovered by Unit 42 researchers at Palo Alto Networks, the campaign is notable for its use of over 130,000 domains to propagate various forms of malicious content. Diving into Details ApateWeb […]
Dive Brief: Nearly 800 instances of Forta’s GoAnywhere MFT remain unpatched and potentially exposed to a critical vulnerability disclosed earlier this week, according to Shadowserver data published Friday. While many instances of the file-transfer service remain unpatched, less than 30 are vulnerable to exploits due to admin panel exposure on the public internet, Shadowserver said. […]
The vulnerability, tracked as CVE-2023-6933, allows unauthenticated attackers to inject a PHP object, potentially leading to code execution, data access, file manipulation, or denial of service.
The scam involved the developer downloading npm packages from a GitHub repository, which potentially allowed the attackers to gain access to his machine and drain his wallet.
Millions of cryptocurrency wallets created between 2011 and 2015 are potentially affected by an open source software vulnerability and might need to be regenerated, according to new research from Unciphered. While helping a customer regain access to a locked Bitcoin wallet last year, Unciphered discovered issues in the open source JavaScript Bitcoin library BitcoinJS that […]
A significant data breach has allegedly compromised Airbnb’s security, potentially exposing the personal information of 1.2 million users. A threat actor, who goes by the name ‘Sheriff’ on the darkweb, has come forward, claiming the Airbnb data breach, which includes sensitive details such as names, email addresses, countries of residence, cities, and more. Airbnb Data […]
Nine vulnerabilities, including potentially serious flaws, were patched recently in a couple of electric power management products made by Schweitzer Engineering Laboratories (SEL). SEL is a US-based company that provides a wide range of products and services for the electric power sector, including control systems, generator and transmission protection, and distribution automation. Researchers at industrial […]
UK election watchdog, The Electoral Commission (TEC), has been the victim of a “complex” cyber attack which has potentially exposed the data of more than 40 million voters. News of the cyber attack was published in an FAQ on the commission’s website on August 8. In the post, TEC explained that the cyber attack was discovered […]